Mailing List Archive

Support open source code!


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

tlug: Use .htaccess, or ?



I need some opinions/advice on setting up controlled access to part of a web
site.

I'm developing a web site which will be mostly public, but one part will be
accessible only to members of the organization, and at this point it looks
like they will probably all be sharing one userid and password (yes, I know
exactly how secure this isn't, but it wasn't my idea :-(    ).   This site
will be running on a virtual server under Apache.   Is this best handled by
using .htaccess, or should it be done through a CGI, or is there some other,
better way to handle it?

If .htaccess is the way to go, would this be all I needed to put in it:

AuthName If you get this wrong, your computer will explode
AuthType Basic 
AuthUserFile .htpasswd               # Where should I put this file
                                     # on a system with a bunch of
                                     # virtual servers on it?
require valid-user 


Will this .htaccess also protect all directories below it, or do I need to put
one in each directory down the tree, if there are any?  (I think there won't
be, but that could change.)

If they do decide to go with an assigned user-id and password for
each person (I doubt they will), how large should the user database be
allowed to get before going to a DB or DBM format?

And finally, any and all decent how-to sources on this are gratefully
accepted.  My dead-tree editions have been kind of sparce on this, and I
haven't found very much on the web so far either, except a useful article on
www.apacheweek.com that got me this far.  Guess I haven't looked under just
the right rocks yet.

Happily, running Linux on my work machine allows me test out all this stuff in
the here and now :-)

TIA,

Jonathan Byrne
Media and Content Section
3Web - Your Internet Solution! <URL:http://www.threeweb.ad.jp/index.en.html>
3Web Channel <URL: http://www.3web.co.jp/index.en.html>


---------------------------------------------------------------
Next Nomikai: 20 November, 19:30 Tengu TokyoEkiMae 03-3275-3691
Next Meeting: 12 December, 12:30 Tokyo Station Yaesu central gate
---------------------------------------------------------------
Sponsor: PHT, makers of TurboLinux http://www.pht.co.jp


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links